LDAPIdentityStoreConfiguration to be configured via XML, Support for test of OpenDS 2.0

idm/impl/src/main/java/org/picketlink/idm/config/internal/XMLBasedIdentityManagerProvider.java

@@ -70,19 +70,22 @@ public class XMLBasedIdentityManagerProvider {
     public static final ClassLoader IDM_CLASSLOADER = IdentityManager.class.getClassLoader();
 
     public IdentityManager buildIdentityManager(InputStream inputStream) {
+        IDMType idmConfiguration = parseIDMType(inputStream);
+        return buildIdentityManager(idmConfiguration);
+    }
+
+    public IDMType parseIDMType(InputStream inputStream) {
         try {
             // TODO: Think about subclassing AbstractSAMLConfigurationProvider (if it's going to be decoupled from federation module)
             PicketLinkConfigParser parser = new PicketLinkConfigParser();
             PicketLinkType plType = (PicketLinkType)parser.parse(inputStream);
-            IDMType idmConfiguration = plType.getIdmType();
-            return buildIdentityManager(idmConfiguration);
+            return plType.getIdmType();
         } catch (ParsingException pe) {
             throw new SecurityConfigurationException("Could not parse picketlink configuration", pe);
         }
     }
 
-    protected IdentityManager buildIdentityManager(IDMType idmType) {
-        // TODO: implement
+    public IdentityManager buildIdentityManager(IDMType idmType) {
         String identityManagerClass = idmType.getIdentityManagerClass() != null ? idmType.getIdentityManagerClass() : DEFAULT_IDENTITY_MANAGER_CLASS;
         IdentityManager identityManager = (IdentityManager)instantiateComponent(identityManagerClass);
 

idm/impl/src/test/java/org/picketlink/test/idm/suites/LDAPIdentityStoreTestSuite.java

@@ -22,13 +22,26 @@
 
 package org.picketlink.test.idm.suites;
 
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+
+import org.junit.After;
 import org.junit.AfterClass;
+import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.runner.RunWith;
 import org.junit.runners.Suite.SuiteClasses;
 import org.picketbox.test.ldap.AbstractLDAPTest;
+import org.picketlink.config.PicketLinkConfigParser;
+import org.picketlink.config.federation.PicketLinkType;
+import org.picketlink.config.idm.IDMType;
+import org.picketlink.config.idm.StoreConfigurationType;
 import org.picketlink.idm.IdentityManager;
 import org.picketlink.idm.config.IdentityConfiguration;
+import org.picketlink.idm.config.IdentityStoreConfiguration;
+import org.picketlink.idm.config.internal.XMLBasedIdentityManagerProvider;
 import org.picketlink.idm.internal.DefaultIdentityManager;
 import org.picketlink.idm.internal.DefaultIdentityStoreInvocationContextFactory;
 import org.picketlink.idm.ldap.internal.LDAPConfigurationBuilder;
@@ -55,19 +68,18 @@
  * <p>
  * Test suite for the {@link IdentityManager} using a {@link LDAPIdentityStore}.
  * </p>
- * 
+ *
  * @author <a href="mailto:psilva@redhat.com">Pedro Silva</a>
- * 
+ *
  */
 @RunWith(IdentityManagerRunner.class)
 @SuiteClasses({ UserManagementTestCase.class, PasswordCredentialTestCase.class, RoleManagementTestCase.class, GroupManagementTestCase.class,
         AgentManagementTestCase.class, AgentQueryTestCase.class, UserQueryTestCase.class, RoleQueryTestCase.class,
         GroupQueryTestCase.class, AgentGroupRoleRelationshipTestCase.class, AgentGroupsRelationshipTestCase.class,
         UserRolesRelationshipTestCase.class, UserGroupRoleRelationshipTestCase.class, GroupMembershipTestCase.class
-         })
+})
 public class LDAPIdentityStoreTestSuite extends AbstractLDAPTest implements TestLifecycle {
 
-    private static final String BASE_DN = "dc=jboss,dc=org";
     private static LDAPIdentityStoreTestSuite instance;
 
     public static TestLifecycle init() throws Exception {
@@ -78,18 +90,18 @@ public static TestLifecycle init() throws Exception {
         return instance;
     }
 
-    private static final String LDAP_URL = "ldap://localhost:10389";
-    private static final String ROLES_DN_SUFFIX = "ou=Roles,dc=jboss,dc=org";
-    private static final String GROUP_DN_SUFFIX = "ou=Groups,dc=jboss,dc=org";
-    private static final String USER_DN_SUFFIX = "ou=People,dc=jboss,dc=org";
-    private static final String AGENT_DN_SUFFIX = "ou=Agent,dc=jboss,dc=org";
+    private static final String DEFAULT_IDENTITY_CONFIG_FILE = "config/embedded-ldap-config.xml";
+
+    private String identityConfigFile;
 
     @BeforeClass
     public static void onBeforeClass() {
         try {
             init();
             instance.setup();
-            instance.importLDIF("ldap/users.ldif");
+            instance.overrideProperties();
+            String ldifFile =  System.getProperty("plidm.ldif.file", "ldap/users.ldif");
+            instance.importLDIF(ldifFile);
         } catch (Exception e) {
             e.printStackTrace();
         }
@@ -104,42 +116,69 @@ public static void onDestroyClass() {
         }
     }
 
+    @Before
     @Override
-    public void onInit() {
+    public void setup() throws Exception {
+        identityConfigFile = System.getProperty("plidm.xml.configuration", DEFAULT_IDENTITY_CONFIG_FILE);
 
+        // Setup and start Ldap only in case of embedded ApacheDS
+        if (DEFAULT_IDENTITY_CONFIG_FILE.equals(identityConfigFile)) {
+            super.setup();
+        }
     }
 
+    @After
     @Override
-    public IdentityManager createIdentityManager() {
-        IdentityConfiguration config = new IdentityConfiguration();
-
-        config.addStoreConfiguration(getConfiguration());
-
-        IdentityManager identityManager = new DefaultIdentityManager();
-
-        identityManager.bootstrap(config, new DefaultIdentityStoreInvocationContextFactory(null));
+    public void tearDown() throws Exception {
+        // Stop Ldap only in case of embedded ApacheDS
+        if (DEFAULT_IDENTITY_CONFIG_FILE.equals(identityConfigFile)) {
+            super.tearDown();
+        }
+    }
 
-        return identityManager;
+    /**
+     * Override properties needed for LDIF import
+     */
+    private void overrideProperties() {
+        XMLBasedIdentityManagerProvider configProvider = new XMLBasedIdentityManagerProvider();
+        InputStream configStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(identityConfigFile);
+        IDMType idmType = configProvider.parseIDMType(configStream);
+        StoreConfigurationType storeType = idmType.getIdentityConfigurationType().getIdentityStoreConfigurations().get(0);
+
+        adminDN = (String)storeType.getProperty("bindDN");
+        adminPW = (String)storeType.getProperty("bindCredential");
+        dn = (String)storeType.getProperty("baseDN");
+
+        // Parse host and port from string like "ldap://localhost:1389"
+        String ldapURL = (String)storeType.getProperty("ldapURL");
+        String[] splits = ldapURL.split(":");
+        serverHost = splits[1].substring(2);
+        port = splits[2];
     }
 
     @Override
-    public void onDestroy() {
+    public void onInit() {
 
     }
 
-    public static LDAPIdentityStoreConfiguration getConfiguration() {
-        LDAPConfigurationBuilder builder = new LDAPConfigurationBuilder();
-        LDAPIdentityStoreConfiguration config = (LDAPIdentityStoreConfiguration) builder.build();
+    @Override
+    public IdentityManager createIdentityManager() {
+        XMLBasedIdentityManagerProvider configProvider = new XMLBasedIdentityManagerProvider();
+        InputStream configStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(identityConfigFile);
+        return configProvider.buildIdentityManager(configStream);
+    }
 
-        config.setBaseDN(BASE_DN).setBindDN("uid=admin,ou=system").setBindCredential("secret").setLdapURL(LDAP_URL)
-                .setUserDNSuffix(USER_DN_SUFFIX).setRoleDNSuffix(ROLES_DN_SUFFIX).setAgentDNSuffix(AGENT_DN_SUFFIX)
-                .setGroupDNSuffix(GROUP_DN_SUFFIX);
+    @Override
+    public void onDestroy() {
 
-        return config;
     }
 
     @Override
     public void importLDIF(String fileName) throws Exception {
-        super.importLDIF(fileName);
+        if (DEFAULT_IDENTITY_CONFIG_FILE.equals(identityConfigFile)) {
+            super.importLDIF(fileName);
+        } else {
+            // TODO: Find a way to perform LDIF import for non-embedded LDAP servers (CMD via Runtime.getRuntime ?)
+        }
     }
 }

idm/impl/src/test/resources/config/embedded-ldap-config.xml

@@ -13,6 +13,7 @@
 
     <IdentityConfiguration>
       <IdentityStoreConfiguration ClassName="org.picketlink.idm.ldap.internal.LDAPIdentityStoreConfiguration">
+        <Property Name="baseDN">dc=jboss,dc=org</Property>
         <Property Name="bindDN">uid=admin,ou=system</Property>
         <Property Name="bindCredential">secret</Property>
         <Property Name="ldapURL">ldap://localhost:10389</Property>

idm/impl/src/test/resources/config/opends2-local-ldap-config.xml

@@ -0,0 +1,22 @@
+<PicketLink xmlns="urn:picketlink:identity-federation:config:2.1">
+
+  <!-- Start of IDM configuration -->
+  <PicketLinkIDM>
+
+    <IdentityConfiguration>
+      <IdentityStoreConfiguration ClassName="org.picketlink.idm.ldap.internal.LDAPIdentityStoreConfiguration">
+        <Property Name="baseDN">o=plidmtest,dc=example,dc=com</Property>
+        <Property Name="bindDN">cn=Directory Manager</Property>
+        <Property Name="bindCredential">password</Property>
+        <Property Name="ldapURL">ldap://localhost:1389</Property>
+        <Property Name="userDNSuffix">ou=People,o=plidmtest,dc=example,dc=com</Property>
+        <Property Name="roleDNSuffix">ou=Roles,o=plidmtest,dc=example,dc=com</Property>
+        <Property Name="groupDNSuffix">ou=Groups,o=plidmtest,dc=example,dc=com</Property>
+        <Property Name="agentDNSuffix">ou=Agent,o=plidmtest,dc=example,dc=com</Property>
+      </IdentityStoreConfiguration>
+    </IdentityConfiguration>
+
+  </PicketLinkIDM>
+
+</PicketLink>
+

idm/impl/src/test/resources/ldap/opends2-users.ldif

@@ -0,0 +1,84 @@
+dn: o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: plidmtest
+
+dn: ou=People,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Agent,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Agent
+
+dn: uid=admin,ou=People,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: uidObject
+objectclass: person
+objectclass: extensibleObject
+objectclass: inetOrgPerson
+uid: admin
+cn: The Administrator
+givenname: The
+sn: Administrator
+mail: admin@jboss.org
+userPassword: admin
+
+dn: uid=guest,ou=People,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: uidObject
+objectclass: person
+objectclass: extensibleObject
+objectclass: inetOrgPerson
+uid: guest
+cn: Guest User
+sn: User
+userPassword: guest
+
+dn: ou=Roles,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=plidmtest,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: cn=Echo,ou=Roles,o=plidmtest,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Echo
+description: the JBossAdmin group
+member: uid=admin,ou=People,o=plidmtest,dc=example,dc=com
+
+dn: cn=Administrator,ou=Roles,o=plidmtest,dc=example,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn: Administrator
+description: Administrator role context
+member: uid=admin,ou=People,o=plidmtest,dc=example,dc=com
+
+dn: cn=Test Group,ou=Groups,o=plidmtest,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Test Group
+description: the Test Group
+member: cn=Echo,ou=Roles,o=plidmtest,dc=example,dc=com
+member: uid=admin,ou=People,o=plidmtest,dc=example,dc=com
+
+dn: cn=Test Parent Group,ou=Groups,o=plidmtest,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Test Parent Group
+description: the Test Parent Group
+member: cn=Test Group,ou=Groups,o=plidmtest,dc=example,dc=com
+
+dn: cn=Lonely Group,ou=Groups,o=plidmtest,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Lonely Group
+description: the Lonely Group
+member: